Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tlug] detect fake HTTP referrer
- Date: Wed, 16 Jan 2008 17:11:14 +0900
- From: "Nguyen Vu Hung" <vuhung16plus@example.com>
- Subject: [tlug] detect fake HTTP referrer
Hi,
My Apache reports that:
xx.xx.xx.xx.broad.fz.fj.dynamic.163data.com.cn - -
[16/Jan/2008:15:58:26 +0900] "GET
/aoc/recs/TheLegionClan_AoC_Pack1_1582_Games.zip HTTP/1.1" 206
306741059 "http://aoclife.ddo.jp/aoc/recs/"; "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT 5.0)
This look quite normal and valid. But in fact I am sure that the referer
"http://aoclife.ddo.jp/aoc/recs/";
is fake because all the accesses to
/aoc/recs/TheLegionClan_AoC_Pack1_1582_Games.zip
are
"http://aoclife.ddo.jp/aoc/recs/";
while
"http://aoclife.ddo.jp/aoc/recs/";
got no referrers !
Total traffic of TheLegionClan_AoC_Pack1_1582_Games.zip is 7.7TB.
I think that some website has put a link to that file, set referrer to
"http://aoclife.ddo.jp/aoc/recs/";
so that the request looks "normal". They are stealing my traffic.
Most of the traffic( IP address ) roots to China.
Anyone has any ideas how to hunt that site down?
--
Best Regards,
Nguyen Hung Vu ( Nguyễn Vũ Hưng )
vuhung16plus{remove}@example.com
An inquisitive look at Harajuku
http://www.flickr.com/photos/vuhung/sets/72157600109218238/
- Follow-Ups:
- Re: [tlug] detect fake HTTP referrer
- From: Attila Kinali
- Re: [tlug] detect fake HTTP referrer
- Prev by Date: [solved] Re: [tlug] shmget fails with error code = 22
- Next by Date: Re: [tlug] detect fake HTTP referrer
- Previous by thread: Re: [tlug] shmget fails with error code = 22
- Next by thread: Re: [tlug] detect fake HTTP referrer
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |